syzbot


KASAN: use-after-free Read in is_bpf_text_address
Status: fixed on 2019/11/23 02:56
Reported-by: syzbot+0cd01c9e0f5cd37a357e@syzkaller.appspotmail.com
Fix commit: cd7455f1013e bpf: Fix use after free in subprog's jited symbol removal
First crash: 770d, last: 767d

Cause bisection: the cause commit could be any of (bisect log):
  7105e828c087 bpf: allow for correlation of maps and helpers in dump
  7466177635be Merge branch 'bpftool-improvements-kallsymfix'
  4f74d80971bc bpf: fix kallsyms handling for subprogs
  c475ffad58a8 tools/bpf: adjust rlimit RLIMIT_MEMLOCK for test_dev_cgroup
  5f5a64111639 bpf: sparc64: Add JIT support for multi-function programs.
  7d9890ef505a libbpf: Fix build errors.
  06ef0ccb5a36 bpf/cgroup: fix a verification error for a CGROUP_DEVICE type prog
  fd05e57bb35a bpf: fix stacksafe exploration when comparing states
  6b80ad299208 bpf: selftest for late caller stack size increase
  c060bc6115b6 bpf: make function xdp_do_generic_redirect_map() static
  4ca998fe46b1 selftests/bpf: add netdevsim to config
  70a87ffea8ac bpf: fix maximum stack depth tracking logic
  5ee7f784cd32 bpf: arm64: fix uninitialized variable
  6b86c4217c23 selftests/bpf: additional stack depth tests
  aada9ce644e5 bpf: fix max call depth check
  fa2d41adb953 bpf: make function skip_callee static and return NULL rather than 0
  624588d9d6cc Merge branch 'bpf-stack-depth-tracking-fixes'
  e90004d56bf8 bpf: fix spelling mistake: "funcation"-> "function"
  fcffe2edbd39 Merge git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf-next
Patch testing requests:
Created           Duration  User                  Patch  Repo                                                                              Result
2019/10/22 15:01  17m       daniel@iogearbox.net         git://git.kernel.org/pub/scm/linux/kernel/git/dborkman/bpf.git pr/kallsyms-fix  OK
2019/10/22 13:58  18m       daniel@iogearbox.net         git://git.kernel.org/pub/scm/linux/kernel/git/dborkman/bpf.git pr/kallsyms-fix  OK

Sample crash report:

Crashes (3):
Manager                           Time              Kernel    Commit        Syzkaller  Config   Log  Report  Syz repro  C repro  VM info  Title
ci-upstream-kasan-gce-smack-root  2019/10/20 21:14  upstream  4fe34d61a3a9  8c88c9c1   .config  log  report  syz        C
ci-upstream-kasan-gce-smack-root  2019/10/23 21:56  upstream  13b86bc4cd64  b602d64b   .config  log  report  syz
ci-upstream-kasan-gce-smack-root  2019/10/22 00:23  upstream  7d194c2100ad  b24d2b8a   .config  log  report